Re: IP drop list

Mon, 02 Mar 2015 01:07:34 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 2 Mar 2015, Dave McGuire wrote:

On 03/02/2015 02:38 AM, Oliver Welter wrote:

Guys, dovecot is open source - if you desire a feature that the upstream
programmer did not include, pay him a bounty to do so or send him a
patch to be included. Period. We can discuss and mightbe somebody will
fork if he is not willing to accept such a solutuion for any political
reason.

I am really tired of reading this kind of complaints on OSS lists.


 ....and this is perhaps the second most predictable knee-jerk response.

 I am certainly capable of writing such a patch, but there is no point
in expending the effort if it would not be included in the code base.
The extreme negative reactions to this idea from people in this
community, every time it has come up over the years, with almost rabid
Neither Timo nor dovecot.fi did responded with "use fail2ban", if I remember correctly. I actually wonder, why nobody replied with: "this is what tcpwrapper is for" :-) http://wiki2.dovecot.org/LoginProcess?highlight=%28tcp+wrapper%29 
what had been ruled out by the OP with a conditional *if*.
If you for instance add a passdb{} driver, that does not interfere with the remaining code base (much), so one can use: 

passdb {
        driver = ipdeny
        args = <host>/matchpattern/action .... ***
}

in front of any other passdb{}.

*** some sort of notation to configure IP source, matching and reaction.
If such plugin(?) is available, I would expect immediate complains, it does not support: 

+ local file lists with various sets of syntaxes
+ RBLs with a fine grained response matching
+ use the same RBL response for multiple match-action pairs
+ have it depended on protocol (POP3, IMAP, ManageSieve, ...)
+ have it depended on user (use that passdb for all-but or just-these)
+ have it to kick in after certain user-protocol-count-time patterns only

There is this, too:
http://article.gmane.org/gmane.mail.imap.dovecot/61570
http://article.gmane.org/gmane.mail.imap.dovecot/42512

Maybe an addition to the penalty service would be OK as well.
- -- Steffen Kaiser 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBVPQoIXz1H7kL/d9rAQLHWwgAs+8TAw7i3qerJQHXD4GSDO0jPCDtqGg3
660CMHCilWNYP+AwM/wxRbBkhz6rtTZrMa3BjLlHo3jnc/kNnJu8YdPCiolQCiWX
enU5576oeCikWcAQG/BJxrRTCtHVjzhenu/skCazD8vKncIUlJtn+kiAqpGC3NPe
IAJg2FvZ0wgI+bzecZHFktVT8TF0JWtd8FNkD83rOJvNUW7ECrzyAMSUKQ+X54GH
6vcto6eeERY3DKpf/xUs1QBM/Pee1gdMTFU4clW2u9QZLf1aKuNaEVBAx4BaI5Ti
hzL/UIXZ0+qHehxNCIyTFx0t4MZsPfJg9/dS3t2vmX9efSUFxe9bgg==
=XjPT
-----END PGP SIGNATURE-----

Reply via email to